[colug-432] Internet Census 2012 (Open ports by the millions).

Vince Herried vherried at gmail.com
Fri Mar 22 17:41:09 EDT 2013


A European friend sent me a link to this document.
The introduction reads:


Two years ago while spending some time with the Nmap Scripting Engine (NSE)
> someone mentioned that we should try the classic telnet login root:root on
> random IP addresses. This was meant as a joke, but was given a try. We
> started scanning and quickly realized that there should be several thousand
> unprotected devices on the Internet.
>
> After completing the scan of roughly one hundred thousand IP addresses, we
> realized the number of insecure devices must be at least one hundred
> thousand. Starting with one device and assuming a scan speed of ten IP
> addresses per second, it should find the next open device within one hour.
> The scan rate would be doubled if we deployed a scanner to the newly found
> device. After doubling the scan rate in this way about 16.5 times, all
> unprotected devices would be found; this would take only 16.5 hours.
> Additionally, with one hundred thousand devices scanning at ten probes per
> second we would have a distributed port scanner to port scan the entire
> IPv4 Internet within one hour.



Here is a link the the paper.
http://internetcensus2012.bitbucket.org/paper.html

Do we believe it or not?
If this is true is there any wonder that we have so many news accounts of
some sophisticated hacker
getting into secure accounts.

My own personal observation showed that huge numbers of  WIFI sites are
still open.
When  I walk my neighborhood and see names like belkin54g, dlink, linksys,
NETGEAR. I know I'm only a few steps
away from another WIFI hot spot.  There is  some hope, it appears that most
newer WIFI routers that folks get from their ISP are  password protected by
default but all those old machines are still working just fine.  The ones
the home owner  buys from Micro Center appear to be open.

Has any one bought a WIFI router and found them to be password enabled by
default.  A password based on
the serial number of the device maybe so one can't enter an account name
and password directly from the owners manual.

If you want to gain access to for instance a linksys router, search the web
for the account id and password.



-- 
Vince's outgoing mail address
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.colug.net/pipermail/colug-432/attachments/20130322/3c02f2b6/attachment.html 


More information about the colug-432 mailing list